RGPD & Protection des données

Dernière mise à jour: 10/06/2025

    At Eurhosting, GDPR compliance is not a checkbox — it is a founding principle. All our infrastructure is located within the European Union. We never transfer your data outside the EU. This page provides full documentation for customers, partners and auditors.

1. Data Controller

Eurhosting SHPK
NIPT M52305043P
Email: info@eurhosting.net
DPO contact: privacy@eurhosting.net

2. Processing Activities Register

The following table summarises the personal data processing activities carried out by Eurhosting SHPK as Data Controller.

Purpose	Data Categories	Legal Basis	Retention	Transfers
Service delivery & contract management	Name, email, billing address, VAT/tax ID, payment data	Art. 6.1.b — Contract performance	Duration of service + 10 years (legal obligation)	EU only
Technical support & ticket management	Name, email, technical data provided in support requests	Art. 6.1.b — Contract performance	Duration of service + 2 years	EU only
Service communications (renewals, expiries)	Name, email	Art. 6.1.b — Contract performance	Duration of service	EU only
Access logs & security monitoring	IP address, access timestamps, actions performed	Art. 6.1.f — Legitimate interest (security)	Duration of contractual relationship	EU only
Website analytics	Anonymised browsing data (Google Analytics 4)	Art. 6.1.a — Consent	26 months (GA4 default)	Google LLC (adequate safeguards)
Contact form enquiries	Name, email, message content	Art. 6.1.b — Pre-contractual measures	2 years from last contact	EU only
Legal & tax compliance	Invoicing data, transaction records	Art. 6.1.c — Legal obligation	10 years	EU only

3. Data Processor Agreement (DPA)

Customers who process personal data through Eurhosting services (e.g. websites, applications or databases hosted on our infrastructure) may require a Data Processing Agreement (DPA) pursuant to Art. 28 GDPR.

Eurhosting provides a standard DPA to all customers upon request. To request your DPA, write to privacy@eurhosting.net with subject line "DPA Request — [your account email]".

4. Sub-processors

Eurhosting uses the following sub-processors for the delivery of its services:

Google LLC — Website analytics (Google Analytics 4). Standard Contractual Clauses in place. Google GDPR commitments →
Payment processors — PayPal, Stripe (credit/debit card processing). Both are PCI-DSS certified and GDPR compliant.

No personal data is shared with sub-processors outside the EU/EEA except where adequate safeguards (Standard Contractual Clauses or adequacy decisions) are in place.

5. Your Rights

Under the GDPR you have the following rights, exercisable free of charge by contacting privacy@eurhosting.net:

📋 Right of Access (Art. 15)

Obtain a copy of your personal data and information about how it is processed.

✏️ Right to Rectification (Art. 16)

Request correction of inaccurate or incomplete personal data.

🗑️ Right to Erasure (Art. 17)

Request deletion of your personal data ("right to be forgotten").

⏸️ Right to Restriction (Art. 18)

Request that processing of your data be restricted in certain circumstances.

📦 Right to Portability (Art. 20)

Receive your data in a structured, machine-readable format.

🚫 Right to Object (Art. 21)

Object to processing based on legitimate interests or for direct marketing.

We will respond to all rights requests within 30 days. In complex cases, this may be extended by a further 60 days with notification.

6. Exercise Your Rights

To exercise any of the above rights, send a request to privacy@eurhosting.net with:

Subject: "GDPR Rights Request — [type of right]"
Your full name and account email address;
A copy of a valid identity document (for verification purposes);
A clear description of your request.

7. Data Breach Notification

In the event of a personal data breach, Eurhosting will notify the competent supervisory authority within 72 hours of becoming aware of the breach, where required by Art. 33 GDPR. Affected individuals will be notified without undue delay where the breach is likely to result in a high risk to their rights and freedoms (Art. 34 GDPR).

8. Infrastructure Location

All Eurhosting infrastructure — servers, storage, network equipment — is located exclusively within the European Union. No customer data is processed on servers outside the EU. This applies to all services: Shared Hosting, VPS, and Dedicated Servers.

9. Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority. As Eurhosting SHPK operates within the EU, you may contact the supervisory authority in your country of residence or the authority in the country where you believe an infringement has occurred.

A list of EU supervisory authorities is available at: European Data Protection Board — Members →

10. Contact

For all GDPR-related enquiries:
📧 privacy@eurhosting.net
🌐 www.eurhosting.net
Eurhosting SHPK — NIPT M52305043P